Open Source Summit Europe 2025: Full Schedule

25-27, August 2025
Amsterdam, Netherlands
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time, CEST (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

09:55 CEST

Snag It, Flash It, Ship It: Rethinking Factory Flashing With Open Tools - Romain Gantois, Bootlin & Paresh Bhagat, Texas Instruments

Monday August 25, 2025 09:55 - 10:35 CEST

D201

Factory flashing is a critical stage in the lifecycle of any embedded product. It can quickly become a bottleneck in the supply chain, and its correct execution is essential to ensure that shipped devices are both fully functional and secure. Today’s available tools are often closed-source and tightly coupled to specific vendors, limiting flexibility and making customization difficult.

In 2023, Bootlin introduced Snagboot—an open-source, vendor-agnostic tool designed for recovering and reflashing embedded platforms. Building on this foundation, Bootlin and Texas Instruments collaborated in 2024 to expand Snagboot into a comprehensive factory flashing solution, maintaining its open-source and vendor-neutral nature.

In this talk, we’ll present Snagboot as a recovery and reflashing solution, highlighting its core tools, snagrecover and snagflash. We’ll then dive into the unique challenges of factory flashing and explain how our extended toolset—Snagfactory—addresses them effectively.

Speakers

Romain Gantois

Embedded Linux and kernel engineer and trainer, Bootlin

Romain's journey at Bootlin started with his end of studies internship, during which he developed Snagboot, an open-source and vendor-agnostic embedded platform recovery and reflashing tool. He is currently still maintaining Snagboot, which has attracted several contributions since... Read More →

Paresh Bhagat

Embedded Software Engineer, Texas Instruments

I am an Embedded Software Engineer at Texas Instruments with nearly 3 years of experience in developing and integrating solutions for embedded Linux systems. My work spans across multiple areas including Hypervisor like Jailhouse, custom Linux build systems using Buildroot and Yocto... Read More →

Monday August 25, 2025 09:55 - 10:35 CEST
D201

Embedded Linux Conference

Audience Experience Level Any

09:55 CEST

TPM Is No Silver Bullet: Pitfalls in Embedded Device Security - David Gstir, sigma star gmbh

Monday August 25, 2025 09:55 - 10:35 CEST

Elicium 1

With the growing adoption of TPMs (Trusted Platform Modules) in the Linux ecosystem, thanks to features like TPM-backed disk encryption in systemd and the longstanding use in Windows BitLocker, TPM chips are seeing a resurgence as a go-to for secure secret storage. This trend is increasingly making its way into embedded devices. Often as a measure to fulfill NIS2, EU Cyber Resilience Act or similar requirements.

However, embedded systems present a vastly different threat model compared to desktops or servers, and TPMs often don’t deliver the level of security many developers assume. In this talk, David will demystify TPM functionality in embedded Linux environments. He will give a concise overview of security threats for embedded devices and where a TPM can and or where it cannot. Special focus will be put on using TPMs for disk encryption and integrity.

The session will wrap up with a discussion of alternative approaches, other usage scenarios for TPMs, and how to make informed decisions when designing secure embedded systems.

Speakers

David Gstir

Senior Security Expert, sigma star gmbh

David Gstir is a security engineer with 15+ years of hands-on experience. He has been actively involved in security-related projects, successfully identifying vulnerabilities in various consumer and enterprise software.

Monday August 25, 2025 09:55 - 10:35 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Any

11:20 CEST

Dig Smart: Building a Reliable Cloud Native DNS for Modern Networks - Joel Studler & Fabian Schulz, Swisscom

Monday August 25, 2025 11:20 - 12:00 CEST

Emerald Room

Join us for a tech talk where we'll demonstrate how we operate and automate a highly available, geo-redundant DNS service for Swisscom's 5G mobile network using a cloud-native tech stack. We'll provide an in-depth look into our multi-cluster architecture that leverages ExternalDNS, PowerDNS, and CoreDNS. Additionally, we'll showcase how the system behaves when a cluster breaks down, and how we monitor and troubleshoot this multi-cluster setup at scale.

This talk will be particularly interesting for those with demanding DNS requirements—such as applications which require rare DNS resource records like NAPTR—as well as engineers and architects tasked with building a DNS service using cloud-native tools who, due to compliance, governance, or availability concerns, cannot use publicly available DNS-as-a-service offerings.

Speakers

Fabian Schulz

Senior DevOps Engineer, Swisscom

Fabian Schulz is a cloud architect and Kubernetes specialist known for his expertise in building resilient cloud-native solutions. Currently at Swisscom, he focuses on designing next generation 5G core services using open-source technologies. With a passion for innovation, Fabian... Read More →

Joel Studler

DevOps Engineer and System Architect, Swisscom

Joel is a DevOps Engineer currently in a team that builds the cloud native 5G core at Swisscom. He is experienced in infrastructure automation, software defined networking and highly available databases and passionate about automation. He is CK* certified and has written several CRD/Operator... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
Emerald Room

Cloud & Containers

Audience Experience Level Any

11:20 CEST

Decentralized Technologies and Public Infrastructure - Sean Bohan, LF Decentralized Trust

Monday August 25, 2025 11:20 - 12:00 CEST

TBA

In a digital-first world, how are governments adapting the public infrastructure underpinning services for public administrations, businesses, organizations, and citizens? What risks and challenges do they face as they digitize these services? Sean Bohan of LF Decentralized Trust will sit down for a Q+A with the incoming director of Europeum EDIC about delivering EU-wide cross-border services via the European Blockchain Services Infrastructure (EBSI) network. This session will dive into the roll-out of EBSI as a secure, trustworthy digital verification infrastructure for Europe. It will cover how EBSI and other public infrastructure projects serve as a model for verifying identities, credentials, and data integrity with reduced inefficiencies and fraud.

Topics will include:
-Services EBSI supports—verifiable educational, medical, and travel credentials; patent protections; product authentication, and more
-Adoption and interoperability challenges of deploying across 30+ countries, each with its own regulatory framework and infrastructure
-Decision to build on Besu, an enterprise Ethereum client.
-Role of open source, decentralized tech in delivering digital verification at scale

Speakers

Sean Bohan

Community Architect, LF Decentralized Trust

In a 20+ year career in technology, Sean has built digital experiences for clients like ABC Television and JetBlue, defined global digital strategy for GM and advised investors on where technology is going. He spent the last dozen years as an entrepreneur and executive working on... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
TBA

Digital Trust

Audience Experience Level Any

11:20 CEST

32-bit Linux Support Now and in the Future - Arnd Bergmann, Linaro

Monday August 25, 2025 11:20 - 12:00 CEST

D201

Over the last few years, 64-bit Linux has made it from Servers, PCs and high-end embedded machines lower down in the market, everywhere including the smallest embedded Linux targets. This gives new challenges for users that rely on existing 32-bit hardware being kept up to date, while new features development and testing on those machines keeps winding down.

Arnd gives an overview of which 32-bit systems are still supported, and how long that is going to be the case. This covers modern ARMv7/v8 hardware, older ARMv4/v5/v6 machines, and other embedded CPU architectures.

Specific issues include MMU-less microcontrollers, large memory, small memory, 32-bit userland on 64-bit hardware and the state of the 2038 epochalypse.

Speakers

Arnd Bergmann

Arm SoC kernel maintainer, Linaro

Arnd Bergmann has been with Linaro since almost the beginning. He's worked on the kernel across many CPU architectures over his career is and currently co-maintaining the soc tree that is used for merging platform support into the kernel.

Monday August 25, 2025 11:20 - 12:00 CEST
D201

Embedded Linux Conference

Audience Experience Level Any

11:20 CEST

Securing Software Supply Chains: OpenCode as Building Block for Sovereign Digital Infrastructure - Leonhard Kugler, Zentrum Digitale Souveränität

Monday August 25, 2025 11:20 - 12:00 CEST

G105

As software becomes increasingly critical to the functioning of the state, economy, and society, ensuring its security and stability is a core task for governments. Secure software supply chains are a key component of this effort and a decisive factor for successful digitalisation. To effectively guarantee supply chain security, a new approach to IT security architecture is required, one that brings together the expertise of security experts, developers, and government agencies to standardise testing procedures and facilitate collaborative security analyses. The openCode platform, run by the German Centre for Digital Sovereignty (ZenDiS), is central in addressing this challenge: by establishing binding security standards, promoting transparency, and enabling the tracing of origins for critical software components, openCode helps build resilient, sovereign OS infrastructure for public administration. A recent strategy paper published by ZenDiS and the German Federal Office for Information Security develops a strategy on how to secure software supply chains with openCode, which will be presented in this talk.

Speakers

Leonhard Kugler

Head of Open Source Platform, Zentrum Digitale Souveränität

Leonhard Kugler, head of ZenDiS' openCode software platform, has over 20 years of experience in IT, digitalisation, and organisational development. With a background that spans software development, founding a software development and services agency, and serving as an interim manager... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
G105

OpenGovCon

Audience Experience Level Any

11:20 CEST

The CRA, Where Are We Six Months After Its Approval - Timo Perala, Nokia

Monday August 25, 2025 11:20 - 12:00 CEST

G106

The Cyber Resielience Act (CRA) was approved late 2024 by European Union.
Open source community was heavily involved in influencing drafting of the CRA. But the need for active engagement with the regulator did not end there. During the three-year period from late 2024 to late 2027 a lot of standardisation and guidance needs to be created to guide industries, manufacturers and open source community to best comply and cope with the CRA. Open source communities have organised to address these challenges.

Here we shortly explain the motivation for, and the main requirements set forth by the CRA, the various relevant organisations working on the regulation and the timelines of the work, as well as the achievements of the open source community in this work so far, and what is the work ahead of us towards the final deadline in late 2027. After the presentation you should be able to understand what the CRA is and why it is introduced, how it impacts world wide - also open source, how open source community is addressing this new regulation and how you can join the community.

Speakers

Timo Perala

Head of Open Source Network and Service Automation, Nokia

Timo has over 25 years of experience in network systems, systems architecture research, new business incubation, to mobile network and operations systems standardization. In his current role Timo is with Nokia OSPO, responisble for Automation related open source projects and Regulatory... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
G106

Standards & Specifications

Audience Experience Level Any

11:20 CEST

CPatch: Optimising OTA Upgrades Through Binary Diffs - Jordan Yates, Embeint

Monday August 25, 2025 11:20 - 12:00 CEST

D202

Do you find yourself twiddling your thumbs while waiting for dozens of devices to upgrade over Bluetooth? Or do you think twice before pressing the “Firmware Rollout” button due to the anticipated LTE data bill? Introducing Constrained Patch (CPatch), a binary patching algorithm designed specifically for Firmware Over-the-Air (FOTA) upgrades of constrained devices running Zephyr.

In this session I will step through the design and implementation of the algorithm, including:
* Prerequisites for a diff based solution
* Constraints the algorithm works within
* Embedded patching implementation
* Python patch generation
* Comparisons against existing algorithms
* Live demo!

Speakers

Jordan Yates

Co-founder @ Chief Engineer, Embeint

Embedded developer focusing on ultra-low power wireless devices.

Monday August 25, 2025 11:20 - 12:00 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

11:20 CEST

Zephyr Workqueues: How They Work and Queue - Loic Domaigne, Doulos GmbH

Monday August 25, 2025 11:20 - 12:00 CEST

D203

Zephyr provides workqueue, a mechanism used to offload non-urgent processing to a lower priority thread. Workqueues are typically found in ISR (interrupt service routine) and high-priority threads.

In this talk, we shall present:
- what workqueues are, and what they are not,
- their typical use case
- how workqueues, scheduling and meta-IRQ threads relate,
- some best practices to address some common challenges, like sysworkq bottleneck, passing data or handling cancellation
- some lesser known workqueues, like the p4_wq

This is a practical hands-on talk. We’ll therefore run demo code and investigate what’s going on under the hood by looking at the Zephyr internal implementation! This will help us to get a solid understanding of workqueues, their usages and limitations, “directly from the source” (code).

Speakers

Loïc Domaigné

Senior Technical Staff Member, Doulos GmbH

Loïc loves sharing knowledge and is an enthusiastic instructor at Doulos since 2018. Loïc enjoys teaching Embedded Linux, Yocto, Python, Edge AI… and Zephyr Essentials, the new training he designed.

Monday August 25, 2025 11:20 - 12:00 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

13:30 CEST

Trust, but Verify: Proactive Security in Open Source - Jess McClintock, Google

Monday August 25, 2025 13:30 - 14:10 CEST

TBA

Ken Thompson's "Reflection on Trusting Trust" warns against blindly relying on others' code, emphasizing the gap between reviewed source and built artifacts. This is critical for developers navigating complex trust models, where source code alone offers limited assurance. Recent supply chain attacks on open source packages, like xz and boltdb-go, expose the real-world practicality of deceiving traditional source reviews, threatening the foundation of open source consumption.

In this talk, we discuss a novel method for analysing and investigating the code that actually gets built using Capslock, an open source CLI tool for analyzing Go packages. By analysing and exposing discrepancies between a package’s advertised and actual permissions, potential attacks (such as the malicious version of boltdb-go) can be thwarted. Integrating this capability information into both free public data sources (e.g. deps.dev) and guided code review systems enables developers to shift left, and feel more confident trusting open source.

Speakers

Jess McClintock

Senior Software Engineer, Google

Jess is a senior software engineer on the Open Source Security team at Google. In this role, she develops software solutions to security problems. Previously, Jess completed a PhD in theoretical computer science at the University of Melbourne, and has written papers on approximation... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
TBA

Digital Trust

Audience Experience Level Any

13:30 CEST

Thinking Outside the (Linux) Box: Security Considerations From Human Actors - Esa Jääskelä, Buutti Oy

Monday August 25, 2025 13:30 - 14:10 CEST

D201

Embedded Linux security often focuses on protecting the devices against attackers using technical safeguards like secure boot and kernel hardening. While essential, this engineering-oriented perspective can result in overlooking a major threat vector: human behavior. Social engineering remains a common attack method, and even embedded devices with limited interactability can be vulnerable to this.

This presentation explores the relationships between developers, users, and attackers to identify security requirements and possible shortcomings in security planning. Core principles include:

- Prevent users (and developers) from compromising security
- Design for resilience against security failures
- Recognize that misunderstandings lead to errors
- Communicate clearly to reduce social engineering risk

While the talk isn't deeply technical, it presents embedded Linux–oriented solutions to these human-centric challenges where applicable. The presentation is accessible to people who are still beginners in the embedded world. My goal is to ensure that device developers consider the actions of both malicious actors and legitimate users in their threat models.

Speakers

Esa Jääskelä

Software Developer, Buutti Oy

Esa Jääskelä is an embedded systems engineer with a focus on Linux, Yocto, and programming. He holds an MSc in Computer Science and Engineering and has worked in embedded Linux development since 2016. Passionate about cybersecurity, Esa explores system hardening and shares technical... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
D201

Embedded Linux Conference

Audience Experience Level Any

13:30 CEST

Realtime Linux Beyond PREEMPT_RT: Exploring Xenomai's Dual-Kernel Approach - Richard Weinberger, sigma star gmbh

Monday August 25, 2025 13:30 - 14:10 CEST

G104

In the area of Linux-based real-time applications, PREEMPT_RT has become a widely embraced solution. However, it's not the only path to achieving real-time characteristics. Xenomai, utilizing a dual-kernel approach, presents a compelling alternative that merits consideration.

In this session, Richard will delve into the Xenomai project, highlighting its unique architecture and the scenarios where it excels over PREEMPT_RT and where not. Participants will gain a comprehensive understanding of how to deploy Xenomai in real-world applications through step-by-step examples.

This talk is designed not only to introduce attendees to the fundamental concepts of Xenomai but also to equip them with practical skills for implementing their own real-time solutions using this framework. Whether you’re a developer seeking to expand your toolkit or a system architect exploring different real-time options, this presentation will provide valuable insights into a versatile and powerful alternative to the conventional PREEMPT_RT route.

Speakers

Richard Weinberger

CTO, sigma star gmbh

Richard Weinberger is co-founder of sigma star gmbh where he offers consulting services around Linux and IT security.

Monday August 25, 2025 13:30 - 14:10 CEST
G104

Linux

Audience Experience Level Any

13:30 CEST

Upstream Kernel Hardening: Progress on Enabling -Wflex-array-member-not-at-end - Gustavo A. R. Silva, The Linux Foundation

Monday August 25, 2025 13:30 - 14:10 CEST

G102-103

The -Wflex-array-member-not-at-end compiler option was introduced in GCC 14. At the time, it revealed around 60,000 warnings in the upstream Linux kernel. While many of these were duplicates, about 650 are unique and require individual auditing and attention. These issues span different categories and vary in complexity, which adds to the challenge of globally enabling this compiler option in the upstream Linux kernel.

In this presentation, we'll share the progress we've made on this work as part of the Kernel Self-Protection Project (KSPP) over the past few months. We'll go over the challenges we've encountered, show concrete code examples, and demonstrate how to fix these kinds of problems. We'll also discuss why enabling this option is important for the kernel, and how we plan to complete this work in the near future.

Whether you're a seasoned kernel developer or someone looking to start contributing upstream, this presentation will introduce useful helpers and strategies you can use to fix existing code or implement new functionality, and in doing so, help us harden the upstream Linux kernel for the benefit of everyone.

Speakers

Gustavo A. R. Silva

Upstream Linux Kernel Engineer, The Linux Foundation

Gustavo A. R. Silva is an Upstream Linux Kernel Engineer focused on hardening and proactive security. He has spent the past several years fixing all sorts of bugs and hardening the Linux kernel. His work is supported by The Linux Foundation and Alpha-Omega. He's a member of the Kernel... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
G102-103

Linux

Audience Experience Level Any

13:30 CEST

The Impact of Copyleft on the EU CRA - Jimmy Ahlberg, Ericsson

Monday August 25, 2025 13:30 - 14:10 CEST

G107

The introduction of the EU Cyber Resilience Act (CRA) marks a transformative milestone in software security regulation within the European Union, with far-reaching implications for global software practices. As the EU seeks to bolster cybersecurity standards across digital products and services, the CRA introduces new requirements aimed at identifying, managing, and mitigating vulnerabilities more effectively.

This session will explore the specific implications of the CRA for Free and Open Source Software (FOSS), with a particular focus on projects under Copyleft licenses such as the GNU General Public License (GPL). Copyleft licenses, which require derivative works to also be open source, present unique challenges in the context of the CRA's provisions.

Join us as we delve into the complexities and opportunities presented by the EU CRA, and explore its impact on the future of Free and Open Source Software.

Speakers

Jimmy Ahlberg

Director Open Source, Ericsson

Currently Mr Ahlberg is the Director of Open Source Policy with the Ericsson OSPO. Prior to the inception of the Ericsson OSPO he worked in different roles with various aspects of Open Source in the Ericsson organization, This included consumption of and contribution to Open Source... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
G107

Operations Management

Audience Experience Level Any

13:30 CEST

Better PURLs for Better Software Compliance Processes - Philippe Ombredanne, AboutCode & Dennis Roellke, Bloomberg

Monday August 25, 2025 13:30 - 14:10 CEST

G106

Reliably identifying software components is a critical requirement for regulatory compliance.

PURL is the de-facto standard for the reliable naming of components in software applications, products, and systems, across programming languages, package ecosystems, tools, APIs and databases. Every open source and most proprietary tools for Software Composition Analysis (SCA), along with all SBOM and Vulnerability Exploitability Exchange (VEX) specifications and most vulnerability databases, adopted PURL for component identification. But a 2024 Software Composition Analysis (SCA) report demonstrated significant inconsistencies in how different tools create PURLs…

Better PURLs is a comprehensive project of open source tools and open data to correct this problem. The extended PURL syntax validation confirms that the PURL components (namespace, name, version, qualifiers) are correct for a given package ecosystem, according to the specification, and that the PURL locates an existing software package artifact.

In this talk, Philippe from AboutCode and Dennis from Bloomberg will share the latest developments and how accurate and correct PURLs facilitate better compliance processes.

Speakers

Philippe Ombredanne

Lead maintainer, AboutCode

Philippe Ombredanne is a FOSS hacker passionate about enabling easier and safer reuse of open source code. He is the lead maintainer of the AboutCode stack of open source tools for Software Composition Analysis and license and security compliance, including the industry-leading ScanCode... Read More →

Dennis Roellke

Security Architect, Bloomberg

Dennis is a Cloud Security Architect in the CTO Office at Bloomberg.

Monday August 25, 2025 13:30 - 14:10 CEST
G106

Standards & Specifications

Audience Experience Level Any

13:30 CEST

Zephyr: Evolving To CRA Readiness - Kate Stewart, The Linux Foundation

Monday August 25, 2025 13:30 - 14:10 CEST

D202

The Cyber Resiliance Act (CRA) will be coming into effect in a few short years. Product makers will have different obligations than open source stewards for compliance. The Zephyr project has been working towards making it easier for product makers to comply with the CRA over the last few years, and will continue to work with the community to refine these capabilities.

From automatic "Build SBOM" generation to LTS Vulnerability fixes being extended to 5 years, the project has some useful starting points.

This talk will discuss what is available, and where some of the gaps will be for product makers and other ecosystem vendors to consider in their roadmaps and support plans.

Speakers

Kate Stewart

VP Dependable Embedded Systems, The Linux Foundation

Kate Stewart works with the safety, security and license compliance communities to advance the adoption of best practices into embedded open source projects. Since joining The Linux Foundation, she has launched the ELISA and Zephyr Projects, as well as supporting other embedded projects... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

14:25 CEST

A First Person Identity System for Open Source - Wenjing Chu, Futurewei Technologies Inc. & Drummond Reed, Gen

Monday August 25, 2025 14:25 - 15:05 CEST

TBA

Open source has a trust problem. One may attribute this to the age old problem of identity frauds and related security vulnerabilities on the Internet. One may further worry that the rise of AI will dramatically increase this risk and even overrun the Internet altogether without mitigation in a fundamental level. One may also see it as an inevitable consequences of 'de-globalization' or 'fragmentation' which sows distrust and threatens to undo many of the progress we had made in the past two plus decades. The Linux Foundation's Executive Director Jim Zemlin highlighted this challenge during the LFDT member summit last year, then re-emphasized it again during the LF member summits in the fall last year and again this spring in 2025. This is a followup to that "Call to Action" to a First Person Project. A decentralized First Person developer ID system is one of the things we can do in the open source infrastructure level, i.e. the fundamental ways of practice that we know as open source, to meet this challenge. In this session, we will examine the issues, discuss the First Person Project and solution approaches, and update the community its progress.

Speakers

Wenjing Chu

Senior Director of Technology Strategy, Futurewei Technologies

Wenjing is a senior directory of technology strategy at Futurewei leading initiatives on trust in the future of computing. He is a Steering Committee member of the Trust over IP (ToIP) Foundation and co-Chairs the TSP and AI & Metaverse task forces. He is a Board Member of the OpenWallet... Read More →

Drummond Reed

Director, Trust Services, Gen

25 years working on Internet identity, security, privacy & trust

Monday August 25, 2025 14:25 - 15:05 CEST
TBA

Digital Trust

Audience Experience Level Any

14:25 CEST

What Have We Found in Git Repos? - Marta Rybczynska, Ygreky

Monday August 25, 2025 14:25 - 15:05 CEST

G102-103

Open source project repositories often expose more than developers intend - and not just the occasional leaked password. In many cases, careful analysis of public Git histories can uncover traces of vulnerabilities being fixed days or even weeks before an official security advisory is published.

In this talk, Marta will present findings from research into the repositories of several high-impact open source projects, revealing how fix commits often hint at upcoming security disclosures.

She will then share practical advice on how to reduce this kind of information leakage - helping maintainers better protect their projects and users from premature exposure.

Speakers

Marta Rybczynska

Technical Program Manager, Security Team, Eclipse Foundation/Ygreky

Marta Rybczynska has a network security background, with 20 years of experience in Open Source. She has worked with embedded operating systems like Linux and various real-time OSes, and with system libraries and frameworks up to user interfaces. She has been involved in various Open... Read More →

Monday August 25, 2025 14:25 - 15:05 CEST
G102-103

Linux

Audience Experience Level Any

14:25 CEST

Establishing Zephyr RTOS in Corporate Environments: Strategies and Success Stories - Christian Schlotter, ZEISS

Monday August 25, 2025 14:25 - 15:05 CEST

D202

Switching from any RTOS to Zephyr represents a significant transition. Join us as we revisit our journey that led to the selection of Zephyr and explore our efforts to cultivate a vibrant Zephyr developer community within a large multinational corporation.

In this session, we will discuss:

• Strategies for creating a persuading case for Zephyr

• Techniques for motivating development teams to adopt Zephyr

• Initiatives that contributed to the creation of a thriving developer community

• Ways in which the Zephyr community's momentum can energize your projects

• Methods for building a pool of Zephyr talent for recruitment purposes

Attendees will gain insight into the essential steps required to successfully integrate Zephyr RTOS into a corporate environment and sustain its use over the long term.

Speakers

Christian Schlotter

Software Architect, ZEISS

Software Architect at Carl Zeiss Meditec AG, active member of queer ERG Proud@ZEISS 🏳️‍🌈, love nature, hiking and people 😀

Monday August 25, 2025 14:25 - 15:05 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

14:25 CEST

Rust Meets Zephyr: Building Safer Embedded Applications - Martin Mosler, Zühlke Engineering AG

Monday August 25, 2025 14:25 - 15:05 CEST

D203

Rust revolutionizes systems programming with safety, performance, and concurrency, while Zephyr OS excels in embedded systems with modularity and hardware support. How well do these two technologies work together?

In this talk, we’ll explore the benefits and challenges of developing applications in Rust on top of Zephyr OS. Through a live demo and code walkthrough, I will showcase how Rust’s safety guarantees can enhance embedded application development while leveraging Zephyr’s robust ecosystem.

Key questions addressed include:

• Why should you consider Rust for embedded development?

• How does Rust integrate with Zephyr’s C-based APIs?

• What limitations and tooling gaps should you be aware of?

• How can you get started with Rust on Zephyr today?

This session will provide practical insights from real-world experience, helping you evaluate whether Rust is the right choice for your next embedded project. Whether you’re an embedded developer or a Rustacean curious about RTOS environments, this talk will equip you with actionable knowledge to start your journey.

Speakers

Martin Mosler

Principal Embedded Software Consultant, Zühlke Engineering AG

Martin Mosler is a seasoned software engineer with expertise in developing secure embedded systems. With a background in Rust programming, he has firsthand experience implementing secure concurrent code and is passionate about sharing his knowledge with the community.

Monday August 25, 2025 14:25 - 15:05 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

14:35 CEST

BoF: Collaboration With Universities and Enterprises OSPO - Ana Jiménez Santamaría, Linux Foundation; Chris Hoeppler, Bosch Research; Leslie Hawthorn, Red Hat GmbH; Cornelius Schumacher, DB Systel GmbH; Ying Wang, ETH Züric; Clare Dillon, CURIOSS

Monday August 25, 2025 14:35 - 15:05 CEST

D204

Join the TODO Group and CURIOSS community for an interactive session where attendees can share use cases on how their organizations are investing in academic research. Explore best practices for transferring knowledge from academia and the research community.

We welcome open source managers, OSPO leaders, and other stakeholders from organizations and universities engaged in research or interested to learn more.

Speakers

Ana Jiménez Santamaría

Project Manager , Linux Foundation, Developer Relations Foundation

Ana is the Project Manager at the Linux foundation TODO Group collaborative project, whose aim is to create and share knowledge on open source management and operations best practices. Formerly she worked at Bitergia, a Software Development Analytics firm, and she has finished her... Read More →

Chris Hoeppler

Senior Expert Open Source, Bosch Research

Chris is Open Source Officer at Bosch Research and member of Bosch's corporate Open Source Expert Team. Since joining Bosch Research a decade ago Chris has been working on a wide range of open source topics from compliance to strategy. Currently, he focuses on working with internal... Read More →

Leslie Hawthorn

Director - Industry Community Strategy, Red Hat GmbH

An internationally known strategist & engagement expert, Leslie Hawthorn has spent her career creating and enabling successful communities. She has driven open source strategy in Fortune 10 companies, pre-IPO startups, and Foundation Boards including roles at Red Hat, Google, the... Read More →

Cornelius Schumacher

Open Source Steward, DB Systel GmbH

Cornelius helps teams at Deutsche Bahn, the German railway company, to use and contribute to open source software. He has a background from more than two decades in the open source community and industry. Originally a software developer he now focus on management of open source.

Clare Dillon

CURIOSS Community Lead, CURIOSS

Clare Dillon is community lead for CURIOSS, a community for university & research institution OSPOs. Clare is also a researcher with Lero, the Science Foundation Ireland Research Centre for Software and a member of Lero's OSPO team. From 2021-2023, Clare served as the inaugural ED... Read More →

Ying Wang

Technology and licensing manager, ETH Züric

Ying holds a Ph.D. from the California Institute of Technology in geochemistry and a Juris Doctor from the Georgia State University College of Law, with a focus on Intellectual Property.

Monday August 25, 2025 14:35 - 15:05 CEST
D204

OSPOCon

Audience Experience Level Any

15:35 CEST

Between Building and Testing Your Linux Driver - Krzysztof Kozlowski, Linaro

Monday August 25, 2025 15:35 - 16:15 CEST

G109

Linux kernel code (and any C project in general) can greatly benefit from several static code analyzers. Let's dive into open and free (as in free beer as well) tools for static code analysis used in the Linux kernel, because there is more than one tool

The session will describe in detail how to check your Linux kernel code around build time to improve the code quality.

Many techniques will be applicable to other projects, but session focuses on the Linux kernel due to its own build process.

Speakers

Krzysztof Kozlowski

Linux Kernel Maintainer , Linaro

Krzysztof Kozlowski is an active Linux Kernel developer, working currently for Linaro. Krzysztof maintains several upstream kernel subsystems: Devicetree bindings (as a co-maintainer with Rob and Conor), Memory controller drivers, NFC subsystem with drivers, and Samsung Exynos SoC... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
G109

Open Source 101

Audience Experience Level Any

15:35 CEST

Of Queens and Other Benevolent Dictators – the Role of Succession Planning in Open Source Community - Aeva Black, Independent & Hazel Weakly, Nivenly Foundation

Monday August 25, 2025 15:35 - 16:15 CEST

Auditorium

Several high-profile incidents have raised global awareness that single-maintainer projects can become single points of global risk. However, a similar risk exists among established and mature projects – the attrition of a small “core” group of maintainers can be just as damaging to downstream dependencies.

Today, many established projects are facing significant maintainer attrition while vibrant and younger communities have formed around derivatives and forks. Meanwhile, entire new ecosystems have emerged and become characterized by generational divides.

Why is this happening, and what can you do to prepare to pass the mantle of project leadership?

We will discuss factors contributing to a rising participation barrier, then explore strategies for community growth and educate policymakers on ways to support the longevity and security of mid- and large-sized open source projects.

Speakers

Aeva Black

Distinguished Technology Advisor, Independent

Aeva Black is a distinguished technology advisor focused on the secure and sustainable development of free and open source software. With a 25-year career across roles in the public sector, private sector, and at non-profits, Ms. Black has presented at international forums, led large... Read More →

Hazel Weakly

Fellow, Nivenly Foundation

Hazel spends her days working on building out teams of humans as well as the infrastructure, systems, and tooling to make life better for others. She’s worked at a variety of companies and knows that the hardest problems to solve are the social ones. One of her favorite things is... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
Auditorium

Open Source Leadership

Audience Experience Level Any

15:35 CEST

Machine Learning on Microcontrollers With Zephyr and Emlearn - Jon Nordby, Soundsensing

Monday August 25, 2025 15:35 - 16:15 CEST

D202

Modern Machine Learning makes it possible to automatically extract valuable information from sensor data, and it has become feasible to deploy ML systems to low-cost embedded devices and sensors. This niche is often referred to as "TinyML", and is enabling a range of new applications in consumer electronics, science and industry.

emlearn is an open-source project for deploying Machine Learning models to any device with a C99 compiler. It provides a Python library for converting models made with scikit-learn or Keras to efficient C code. The library has been used for many applications across a range of sensor modes, such as audio, vibration, power-line, radar, et.c.

Zephyr RTOS is a comprehensive open-source operating system that runs on a wide range of microcontrollers. The support for low-power operation, communication protocols, and standardized "sensors" API makes it a very attractive platform for TinyML applications.

In this presentation, we introduce the emlearn project, and show how it can be used together with Zephyr. We will cover the key features and tools that the library provides, and demonstrate how to perform practical Machine Learning tasks.

Speakers

Jon Nordby

Head of Data Science, Soundsensing

Jon is a Machine Learning Engineer specialized in IoT systems,

Monday August 25, 2025 15:35 - 16:15 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

15:35 CEST

ZMS a New Lightweight Storage System - Riadh Ghaddab, Baylibre

Monday August 25, 2025 15:35 - 16:15 CEST

D203

Zephyr Memory Storage is a new key-value storage system that is designed to work with all types of non-volatile storage technologies. It supports classical on-chip NOR flash as well as new technologies like RRAM and MRAM that do not require a separate erase operation at all, that is, data on these types of devices can be overwritten directly at any time.

We will explore during this session the new functionalities introduced by this new storage system as well as the upcoming enhancements.

Speakers

Riadh Ghaddab

Senior Software Engineer, Baylibre

Riadh Ghaddab is a Senior Software Engineer currently working at Baylibre.

Monday August 25, 2025 15:35 - 16:15 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

15:35 CEST

My First Kernel Driver Workshop - Hans de Goede, Red Hat

Monday August 25, 2025 15:35 - 17:10 CEST

G102-103

Attendees will be given an USB (ch341t) to qwiic converter + a qwiic sht40 temperature/humidity sensor.

A github repo with preparation instructions + a ready-to-build driver to instantiate an i2c-device/-client for the sensor will be provided.

The goal of the workshop is for attendees to write their own (very simple) kernel driver for the sensor offering sysfs attributes providing temperature and humidity readings. Example code snippets of a skeleton i2c-driver and example communication code will be provided to make it possible to write a simple driver in 2 hours.

Attendees will be expected to know the C-programming language at an intermediate (or better) level.

Speakers

Hans de Goede

Principal Software Engineer, Red Hat

Hans de Goede is a FOSS developer and enthusiast with 20 years of experience. He is a maintainer for the kernel’s x86 platform drivers subsystem.

Monday August 25, 2025 15:35 - 17:10 CEST
G102-103

Linux

Audience Experience Level Any

16:30 CEST

ESSTRA: A Software Suite To Enhance Software Transparency and Traceability in Software Supply Chain - Takuya Namae, Sony Group Corporation

Monday August 25, 2025 16:30 - 17:10 CEST

Elicium 1

When you use OSS, do you want to know which source files are compiled and included in the binaries? Project ESSTRA (https://github.com/sony/esstra) is a tool that collects a list of source files while compiling your software and embeds the data into the binaries.

Recently, the importance of using SBOMs has been increasing, and there is a growing demand for improved transparency and traceability in the software supply chain from the perspectives of vulnerability management and OSS license compliance. However, it is difficult to trace the details of which files are included in the binaries used in your product or service, and which OSS licenses to comply with based on this data.

To solve this issue, Sony has developed ESSTRA. It is available now as open source itself, and includes both a GCC plugin to record source files during a build and embed it into resulting binaries, as well as a tool to manage the information.

ESSTRA is already supported by Binary Analysis Next Generation (BANG) tool.

Attendees of this session will learn how to use ESSTRA and take the first steps to improve the transparency and traceability of your project's software.

Speakers

Takuya NAMAE

Open Source Compliance Tooling Lead, Sony Group Corporation

Takuya NAMAE is an Open Source Compliance Tooling Lead and Software Engineer in Sony Group Corporation. He works on OSS license compliance of Linux-based system software for various Sony products. He also leads the development of tools and workflows to efficiently carry out the continuous... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Any

16:30 CEST

Guiding Newcomers: A Mentor’s Journey Through Linux Kernel Development - Daniel Baluta, NXP Semiconductors

Monday August 25, 2025 16:30 - 17:10 CEST

G109

Helping newcomers step into the Linux kernel community is not an easy task, but

with the right mentorship it becomes a transformative journey for both the mentor and the

the mentee.

This talk shares lessons from over a decade of hands-on mentoring experience, helping students

grow from their first patch to becoming meaningful contributors.

This presentation focuses on real world examples from subsystems like IIO, ALSA and device tree

bindings and explains the practical steps to get beginners started. Each steps is important:

from selecting the appropriate tasks and hardware platfroms, to explaining kernel workflows

and mailing list culture.

Attendees will gain practical guidance on building effective mentorship practices, learning

how to support newcomers as they evolve from learners to contributors. Also, this presentation

is valuable for newcomers looking to take their first step into kernel development, offering

a clear view of the journey ahead and how to access mentoring programs like Outreachy Program for Women

or Google Summer of Code.

Speakers

Daniel Baluta

Software Engineer, NXP Semiconductors

Daniel works at NXP in Romania hacking on Linux kernel audio drivers for i.MX boards. He is a teaching assistant for Operating System Internals class at University POLITEHNICA in Bucharest and very passionate about helping newcomers to the Linux kernel world while being a mentor for... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
G109

Open Source 101

Audience Experience Level Any

16:30 CEST

Streamlining Open-Source License Compliance With the Continuous Clearing Tool - Amrit Kumar Verma & Dearsh Oberoi, Siemens

Monday August 25, 2025 16:30 - 17:10 CEST

G107

We present Continuous Clearing (CA) Tool, an open-source solution designed to automate & accelerate the license clearing of OSS components. This tool streamlines the identification & license compliance of 3rd party OSS components within various projects, including those using NPM, NuGet, Maven, Python, Alpine & Debian. It ensures that orgs. maintain a SBOM for all builds within the DevOps pipeline. It is designed with 3 different modules:

1. Package Identifier: This module accepts a package file or BOM as input & produces a SBOM file as output. It classifies each dependency type & incorporates into the output SBOM.

2. SW360 Package Creator: Utilizing the SBOM from the package identifier, this module identifies & creates any missing components or releases in SW360. Then associates components with the relevant project in SW360 & triggers the upload to FOSSology & automatically updates the clearing state in SW360. It also offers an option to exclude dev dependencies, if they are not relevant for compliance.

3. Artifactory Uploader: This final module takes the updated BOM & uploads components tagged as "Report approved" clearing state to the JFrog artifactory.

Speakers

Dearsh Oberoi

Research Engineer, Siemens

Open source contributor and Research Engineer at Siemens, passionate about fostering inclusive communities. Active contributor at SW60 and LicenseDB. Focused on license management and SBOMs.

Amrit Kumar Verma

Research Engineer, SIEMENS

Research Professional | Open-Source Contributor | Mentor

Monday August 25, 2025 16:30 - 17:10 CEST
G107

Operations Management

Audience Experience Level Any

16:45 CEST

Lottie: Establishing an Open Standard for Vector Animation - Mattia Basaglia, Lottiefiles & Brandon Wilson, Google

Monday August 25, 2025 16:45 - 17:00 CEST

G106

Lottie is an efficient, feature-rich, vector animation format that delivers animations across platforms without sacrificing performance or file size, maintaining quality at any resolution. Lottie is widely adopted across various tools spanning the web, mobile and desktop systems.

In this session, we'll explore the journey of Lottie and the Lottie Animation Community (LAC) in establishing the official Lottie 1.0 specification under the Linux Foundation.

We'll examine the technical challenges addressed in standardizing this format, cross-platform compatibility, and feature consistency across different renderers. Attendees will gain insight into the collaborative process behind creating an open specification with input from diverse stakeholders across industries. We'll discuss the key components of the Lottie format, the standardization work that improved interoperability between creation tools and rendering engines, and demonstrate real-world applications showing the format's capabilities. Finally, we will provide a preview of upcoming efforts and welcome collaboration.

Speakers

Mattia Basaglia

Principal R&D Engineer, Lottiefiles

Mattia has contributed to several Open Source projects, including Glaxnimate — a vector animation program now joining KDE, and other tools to export Lottie. He was heavily involved the Lottie Animation Community standardization process.

Brandon Wilson

Senior Software Engineer, Google

Brandon has been working at Google for five years. He currently works on Lottie/Animation tooling and ensuring motion design partners get the most out of their animations. He is an active participant in the Lottie Animation Committee and helps to organize/lead the meetings.

Monday August 25, 2025 16:45 - 17:00 CEST
G106

Standards & Specifications

Audience Experience Level Any

09:00 CEST

Zephyr-friendly Embedded Display Shopping Guide - Eve Redero, Redero Tech

Tuesday August 26, 2025 09:00 - 09:40 CEST

D203

Zephyr has extensive support for all kinds of embedded displays, but sourcing a display can be confusing, especially if you want to source one with out-of-the-box Zephyr support. In this session, we will show how to choose a Zephyr-friendly display component.

The session will cover a review of several types of display techs, what are display controllers and display modules, and the most common ways of interfacing with a display.

Speakers

Eve Redero

Electronics and embedded systems engineer, Redero Tech

I have worked as an electronics and embedded systems engineer for about 10 years, mostly in consumer electronics companies. My skills set includes board design, low-level firmware development, and a bit of knowledge about board production and testing. I now work as a freelance, roaming... Read More →

Tuesday August 26, 2025 09:00 - 09:40 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

10:05 CEST

Lightning Talk: Overview of the SCMI Support in Zephyr - Laurentiu Mihalcea, NXP

Tuesday August 26, 2025 10:05 - 10:15 CEST

D202

This presentation shall provide a very brief overview of the System Control and Management Interface (SCMI) support in Zephyr. This includes an architectural overview, which will go into the different layers and components that make up the support, and a list of supported features/protocols.

Speakers

Laurentiu Mihalcea

Software Engineer, NXP

MSc student, open-source enthusiast, and contributor to Zephyr and the Linux kernel. Interested in hardware and low-level software.

Tuesday August 26, 2025 10:05 - 10:15 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

11:00 CEST

Build Distroless Containers the Easy Way: From Full Fat To Featherweight With Unbase_oci - Nikolas Kraetzschmar, SAP

Tuesday August 26, 2025 11:00 - 11:40 CEST

Emerald Room

Tired of wrangling dependencies to craft distroless containers from scratch? unbase_oci flips the script.

Instead of painstakingly building up from a minimal base, you start with a comfortable, fully-featured container—think debian or ubuntu—and develop as usual. Then, with one simple command, unbase_oci automatically strips your image down to the bare essentials by comparing it to the base and keeping only what’s truly needed.

No more trial-and-error to get your distroless image just right. Write normal Dockerfiles, enjoy all your debugging tools during dev, and let unbase_oci do the slimming for production.

It’s Bash. It’s fast. It’s minimal. It works with any OCI image and requires nothing but standard Unix tools and your container engine of choice.

Let’s stop over-engineering minimalism. Build smart, then unbase.

Speakers

Nikolas Kraetzschmar

Software Engineer, SAP

Focused on building a streamlined, security-hardened Linux for container and Kubernetes environments, with a keen interest in C programming and security.

Tuesday August 26, 2025 11:00 - 11:40 CEST
Emerald Room

Cloud & Containers

Audience Experience Level Any

11:00 CEST

BASIL - What's New, What's Next - Luigi Pellecchia, Red Hat

Tuesday August 26, 2025 11:00 - 11:40 CEST

D204

BASIL is an open source tool developed to design requirements traceability in a collaborative environment.

It supports the manipulation of multiple types of work items, such as Test Cases, Test Specifications, Software Requirements, Justifications, Documents.

It also comes with its own test infrastructure that allows users to run tests against different kind of test environments and provides capabilities to trace test executed on external test infrastructures.

BASIL development is progressing and new features become available weeks after weeks.

After an introduction of the tool for who see it for the first time,

we will go through major changes introduced in the tools as:

- SPDX traceability export in design SBOM based on Model3

- Requirements import

- Test repository scan and test case import

- User files management

- Granular user permissions definition

- External email server configuration for password reset

and through planned development as:

- Hierarchical Document Mapping

- Multiple reference document for each software component

- LAVA test plugin

Speakers

Luigi Pellecchia

Principal Software Quality Engineer, Red Hat

Luigi Pellecchia is a Principal Sw Quality Engineer at Red Hat.

Tuesday August 26, 2025 11:00 - 11:40 CEST
D204

Safety-critical Software

Audience Experience Level Any

11:55 CEST

Defense in Depth: High Speed Cloud Native With Soft- and Hardware Protected Functions - Ralph Squillace, Microsoft

Tuesday August 26, 2025 11:55 - 12:35 CEST

G001-002

GitHub is one of the largest (if not the largest) open-source code repositories in the world, but its growth creates technical challenges: How can it continue to scale up activities at its rate of growth? How can it protect activities from each other if one uses code with a malicious attack in it?

This talk describes a fun experiment using the CNCF project Hyperlight and WebAssembly (wasm) components to investigate radical scaling of GitHub events using WebAssembly Components to both handle heavy event load on smaller, less costly VMs but at the same time use Hyperlight to provide hardware protection to each individual function.

WebAssembly is a form of “cloud native binary” that runs on almost any operating system and architecture. The emerging wasm component model is a series of standards that enables any language to make use of components written in any other language while radically scoping in the capabilities of a function, giving it only the permissions to execute that the host deems necessary.

When combined with the Hyperlight project, it becomes possible to use security-in-depth features to scale compute far more with far less risk.

Speakers

Ralph Squillace

Principal Product Manager, Microsoft

Professionally trained in history; don't tell him, because he's professionally suffered in distributed applications for the past 20 years or so. A veteran of OSS wars inside the megacorp, he's thrived as the world changed. He runs Ubuntu at work, except for those times when he does... Read More →

Tuesday August 26, 2025 11:55 - 12:35 CEST
G001-002

Cloud & Containers

Audience Experience Level Any

11:55 CEST

Demystifying West - Carles Cufí, Nordic Semiconductor

Tuesday August 26, 2025 11:55 - 12:35 CEST

D202

West is Zephyr's swiss-army knife command-line tool. At its core it handles repository management, but in practice it does so much more than that. With plenty of powerful built-in features and the ability to extend its command set via the manifest file, west is able to cater for most use-cases a Zephyr user will face. This includes maintaining your own manifest as well as your own downstream of Zephyr itself or any of its ancillary repos, and even extending the west commands themselves. This talk will try to shed light on some of the most common questions around the tool, its use and its extension capabilities.

Speakers

Carles Cufí

Open Source, Nordic Semiconductor

Carles has been a firmware developer at several hardware, semiconductor and software companies for over 25 years. For the last 15 years he has worked at Nordic Semiconductor, where he was part of the team that made Nordic’s first ever Bluetooth Low Energy chip. During this time... Read More →

Tuesday August 26, 2025 11:55 - 12:35 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

13:00 CEST

The Embedded Android Developer's BoF - Chris Simmonds, 2net Ltd

Tuesday August 26, 2025 13:00 - 13:40 CEST

Elicium 2

Although Android is pretty common as an embedded operating system, there are surprisingly few opportunities for us developers to come together. This BoF is such an opportunity. If you are working with Android in embedded, Automotive, TVs, custom ROMs or even if you just find this interesting, please come along. Bring with you your experiences, tips, tricks and grumbles about developing Android devices. As a starter, here are some of the topics that have come up in previous years:

* AOSP community and community portals

* working with Google

* examples of devices running Android

* porting to new hardware

* Android in Automotive

Speakers

Chris Simmonds

Consultant, 2net Ltd

Chris Simmonds is a software consultant and trainer living in southern England. He has spent almost two decades designing and building open-source embedded systems of all shapes and sizes, and he has encapsulated much of that experience in his book, “Mastering Embedded Linux Pr... Read More →

Tuesday August 26, 2025 13:00 - 13:40 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Any

14:10 CEST

Hotplug of Non-discoverable Hardware: Status and Future Directions - Luca Ceresoli, Bootlin

Tuesday August 26, 2025 14:10 - 14:50 CEST

Elicium 1

More and more industrial products are being designed with add-on components that can be hotplugged at runtime and connected with non-discoverable busses: I²C, MIPI CSI-2, LVDS, and seemingly simpler ones such as interrupts and GPIO lines.

Work is in progress for the kernel to support such hardware using device tree overlays. This talk describes the goals, work done and in progress and future directions. Special attention will be given to the DRM subsystem which is by far the most challenging one.

Topics covered are:

* Problem statement and overview of the goals

* Non-discoverable hotplug in general: device tree overlays and how to properly describe connectors and

add-ons (nexus nodes, export-symbols), instantiating devices, I²C bus issues

* DRM specific: hotplugging in the DRM subsystems, challenges in making DRM bridges removable, current work and next steps

Discussion about future directions will be very welcome.

Speakers

Luca Ceresoli

Embedded Linux and kernel engineer, Bootlin

Luca is an embedded Linux and kernel engineer at Bootlin, primarily working on device drivers and recently active mostly on DRM bridges, device tree overlays and various subsystem involved in hotplugging of non-discoverable devices.

Tuesday August 26, 2025 14:10 - 14:50 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Any

14:10 CEST

Hybrid THP Mechanism. Selective Use of Huge Pages by Hot Applications - Asier Gutierrez, Huawei

Tuesday August 26, 2025 14:10 - 14:50 CEST

G104

Currently, THP policies are used globally, for the entire system. This leads to memory fragmentation and memory waste. Main memory has increased a lot faster than TLB entries, and it will continue to do so. Given the limited TLB cache entries, this becomes a serious bottleneck for real world applications. Huge pages are supposed to resolve this issue, since the a single entry in the TLB can map a big chunk of memory. However, this eventually leads to memory fragmentation and eventually the system runs out of usable memory. Hence, most sysadmins and user space application suggest to disable huge pages

We introduce a hybrid page mechanism where hot applications can use huge pages transparently, while avoiding the entire system to use huge pages.

During the talk, we will show how we managed to decrease the huge page consumption as well as benchmarks on real applications.

Speakers

Asier Gutierrez

Staff software engineer, Huawei

I am a seasoned software engineer, with a wide background in product and system programming. I have worked for big companies like Intel, IBM and Yandex, as well as small startups. I spoke at the Open Source Summit Europe in 2023 where I showed how IMA namespaces can be used to achieve... Read More →

Tuesday August 26, 2025 14:10 - 14:50 CEST
G104

Linux

Audience Experience Level Any

14:10 CEST

Your SBOM Is Lying To You – Let’s Make It Honest - Yuchen Zhang & Justin Cappos, New York University

Tuesday August 26, 2025 14:10 - 14:50 CEST

G106

SBOMs (Software Bills of Material) are essential for improving visibility and security in the software supply chain. As open-source code drives modern development, organizations face growing security risks due to limited transparency in software dependencies. Attacks like SolarWinds (2020) and Kaseya (2021) highlight the urgent need for stronger software supply chain security.

However, SBOMs are often inaccurate. This talk explores why these inaccuracies occur, how attackers exploit them, and how to address these issues. A key challenge is dependency management file analysis (e.g., cargo.toml for Rust), which struggles to track components effectively.

Enter SBOMit, an OpenSSF sandbox project leveraging in-toto attestations to create cryptographically verifiable SBOMs. By capturing supply chain steps as they occur, SBOMit enhances accuracy, mitigates tampering risks, and strengthens security. This talk examines SBOMit’s role in improving SBOM reliability across the CNCF ecosystem.

Speakers

Justin Cappos

Professor, New York University

I am a professor at NYU who has been working on software supply chain security for more than 20 years. I am a maintainer / creator of the TUF, Uptane, and in-toto projects, which are all under the LF.

Yuchen Zhang

Postdoctoral Associate, New York University

Yuchen is currently a postdoctoral researcher with the Secure Systems Laboratory (SSL) at the Tandon School of Engineering, New York University. He obtained his Ph.D. from the Department of Computer Science at Stevens Institute of Technology. Prior to Stevens, he completed his undergraduate... Read More →

Tuesday August 26, 2025 14:10 - 14:50 CEST
G106

Standards & Specifications

Audience Experience Level Any

14:10 CEST

Updates To Clock Management Within Zephyr RTOS - Daniel DeGrasse, Tenstorrent

Tuesday August 26, 2025 14:10 - 14:50 CEST

D202

This talk is intended serve as a continuation of my presentation for a proposed rework of Zephyr’s clock management subsystem delivered at EOSS 2024. Since then, the proposal has evolved and stabilized significantly. We will cover the current state of the implementation within Zephyr and discuss how we can work to move the implementation towards merging into mainline- if it has not merged by the time of the conference. Beyond this, the presentation will include detailed examples of how to implement clock management drivers and consume the clock management subsystem within peripheral drivers. This presentation will offer Zephyr driver maintainers as well as downstream consumers a chance to discuss and influence the direction we are taking regarding improving clock management within Zephyr.

Speakers

Daniel DeGrasse

Firmware Engineer, Tenstorrent

Daniel DeGrasse is the Zephyr maintainer of the disk, MIPI DBI, and SDMMC subsystems. He works as a firmware engineer at Tenstorrent, and is primarily focused on improving generic subsystems within Zephyr, as well as continuous integration

Tuesday August 26, 2025 14:10 - 14:50 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

14:10 CEST

OpenSSH + FIDO Workshop - Joost van Dijk, Yubico

Tuesday August 26, 2025 14:10 - 15:45 CEST

TBA

OpenSSH has built-in support for FIDO security keys since version 8.2 (released in 2020). This means you can protect your SSH private keys using security keys, similar to how this can be done with OpenPGP smart cards and cryptographic tokens that support PKCS#11. Although such devices all allow you to protect your private keys using cryptographic hardware, the benefits on using FIDO include:

- FIDO is easier to use, especially for beginners

- security keys can be used on the web as well to store passkeys

- no need for vendor-specific software (like PKCS#11 modules)

- security keys are inexpensive

- FIDO features device attestation, which lets you cryptographically prove you are using a specific security key make and model.

In this talk, we will give a short introduction to FIDO security keys, and provide several demos of the use of security keys with OpenSSH, such as signing arbitrary data, authenticating to remote systems, and using key attestation.

The talk consists of a number of demos that participants can follow along on their system. Participants can bring their own security key (any vendor will do). If they do not own a security key one will be provided to them.

Speakers

Joost van Dijk

Sr Solutions Architect, Yubico

Joost van Dijk is a Solutions Architect at Yubico. He focuses on securing digital identities and accelerating the adoption of open source authentication standards as part of Yubico's developer program.

Tuesday August 26, 2025 14:10 - 15:45 CEST
TBA

Digital Trust

Audience Experience Level Any

15:05 CEST

Health Check-ups on OSS Software Projects: Managing Risks While Promoting (Re)use - Johan Linåker, RISE Research Institutes of Sweden

Tuesday August 26, 2025 15:05 - 15:25 CEST

G107

Open Source Software (OSS) intake is ever growing. An international Telco recently reported a surge from 30 to over 60,000 unique OSS components annually. However, this rapid adoption also introduces risks. The quality and security of OSS depend heavily on the maintenance efforts and health of its community.

In this talk, we show how organizations can systematically monitor the health of their OSS dependencies. This involves assessing the long-term viability and quality of OSS projects, akin to a medical check-up. Our study, detailed in the OSS Metrics chapter of the TODO group's OSPO book, identified 21 key health aspects through literature review and expert interviews. These aspects help organizations evaluate OSS projects based on factors like community productivity, stability, and governance.

Implementing health assessments requires a tailored approach, as demonstrated in our case study with a major automotive manufacturer. We present a semi-automated process for intake-stage inspections and automated monitoring for deployed components. Continuous training and feedback sessions are essential for integrating health assessments into standard practices.

Speakers

Johan Linåker

Senior Researcher, RISE Research Institutes of Sweden

... Read More →

Tuesday August 26, 2025 15:05 - 15:25 CEST
G107

OSPOCon

Audience Experience Level Any

15:05 CEST

DTS 101: From Roots To Trees, Aka Devicetree for Beginners - Krzysztof Kozlowski, Linaro

Tuesday August 26, 2025 15:05 - 15:45 CEST

Elicium 1

Practical guide to writing Devicetree sources (DTS) and bindings for the Linux kernel. Jump in if you want to know:

1. What compatibility means between devices and how to express it in DTS.

2. What can be in DTS and what cannot.

3. Fastest way to upstream your DTS (no need for 10 iterations!).

4. Validate your DTS and live error-free ever after.

The talk will focus on Devicetree (DTS and bindings) in the context of Linux kernel, which is also applicable to several other projects like U-boot.

Speakers

Krzysztof Kozlowski

Linux Kernel Maintainer , Linaro

Tuesday August 26, 2025 15:05 - 15:45 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Any

16:20 CEST

Power Dynamics, Rug Pulls, and Other Corporate Impacts on OSS Sustainability - Dawn Foster, CHAOSS

Tuesday August 26, 2025 16:20 - 17:00 CEST

G107

Power imbalances are everywhere, including in our OSS projects, and in today’s cloud native world, the power dynamics have gotten even more complex. We’ve recently seen an increase in relicensing of open source projects and other tensions within communities that are directly related to imbalances in power that cause disruption within our open source projects. The many users, contributors, and even maintainers who have less power can feel like the rug has been pulled out from under them. We have mechanisms, like forks, where those with less power can counter these moves, regardless of the forms they take.

This talk will not only help people understand the power dynamics at play, but it will also provide tangible steps that we can take as maintainers, contributors, and users to make better decisions about focusing our precious time on making our projects more sustainable. There is no way to accurately predict which projects will not be sustained, but this talk will contain suggestions for how to look for warning signs. By attending this talk, you will learn more about the power dynamics and steps that you can take to make better decisions about which OSS projects to embrace.

Speakers

Dawn Foster

Director of Data Science, CHAOSS

Dr. Dawn Foster works as the Director of Data Science for CHAOSS where she is also a board member / maintainer. She is co-chair of CNCF TAG Contributor Strategy and an OpenUK board member. She has 20+ years of experience at companies like VMware and Intel with expertise in community... Read More →

Tuesday August 26, 2025 16:20 - 17:00 CEST
G107

OSPOCon

Audience Experience Level Any

16:20 CEST

Looking at Linux as a SEooC - Kate Stewart, The Linux Foundation & Nicole Pappler, AlektoMetis

Tuesday August 26, 2025 16:20 - 17:00 CEST

D204

Linux is already being used in Safety Critical applications, mostly as a "Safety Element out of Context". This session provide some background on what this means, and the limitations of this approach. With the velocity of change of the Linux kernel, supporting this mechanism, as well as more detailed approaches is the next frontier for the kernel.

Speakers

Kate Stewart

VP Dependable Embedded Systems, The Linux Foundation

Nicole Pappler

Senior Safety Expert, AlektoMetis

Nicole has worked in different projects developing safety relevant embedded software before starting as an independent assessor.

Tuesday August 26, 2025 16:20 - 17:00 CEST
D204

Safety-critical Software

Audience Experience Level Any

16:20 CEST

API Lifecycle: Smarter Design and Governance With Open Tooling - Dakshitha Ratnayake, WSO2

Tuesday August 26, 2025 16:20 - 17:00 CEST

G106

As API ecosystems grow, keeping designs consistent and governance scalable can really be a challenge for both open platforms and internal teams. In this talk, we’ll dive into how AI-assisted tools, when combined with open standards and policy engines, can help simplify two of the toughest parts of the API lifecycle: design and compliance. We’ll show you how developers can use natural language prompts to generate and update OpenAPI specs, and how teams can use policy-as-code (with tools like OPA) to automate checks for things like naming, versioning, and security. You’ll walk away with practical workflows that help balance developer speed with organizational standards—all built with open source tools.

Speakers

Dakshitha Ratnayake

Director - Developer Relations, WSO2

Dakshitha is a Director of Developer Relations at WSO2, with over 15 years of experience in software development, solution architecture, and technical evangelism. Her work focuses on open-source technologies, particularly in integration, APIs, and identity and access management. She’s... Read More →

Tuesday August 26, 2025 16:20 - 17:00 CEST
G106

Standards & Specifications

Audience Experience Level Any

16:20 CEST

CANnectivity: Zephyr-based USB To CAN Adapter Firmware - Henrik Brix Andersen, Vestas Wind Systems A/S

Tuesday August 26, 2025 16:20 - 17:00 CEST

D202

A crucial component in the development of firmware utilizing Controller Area Network (CAN) communication is a host-connected CAN adapter. Several commercial and open-source solutions are available for this purpose, but each has its own limitations. The CANnectivity firmware, a Zephyr-based open-source firmware for Universal Serial Bus (USB) to Controller Area Network (CAN) adapters, aims to address these limitations.

This presentation will go over the considerations leading to the development of the CANnectivity firmware, its intended use cases, and the advantages it offers over existing solutions. I will provide an overview of the firmware’s architecture, the automated testing procedures currently in place for validation, and the future plans for its enhancement.

CANnectivity is available at https://github.com/CANnectivity/cannectivity

Speakers

Henrik Brix Andersen

Lead Embedded Software Engineer, Vestas Wind Systems A/S

Henrik Brix Andersen is Lead Embedded Software Engineer at Vestas Wind Systems A/S, providing firmware support for Vestas’ sustainable energy solutions. Brix is a passionate open-source software engineer and a long-standing contributor to the Zephyr RTOS project. He currently serves... Read More →

Tuesday August 26, 2025 16:20 - 17:00 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

16:20 CEST

Model-Based Testing for the Zephyr RTOS - Philipp Panzer, UL Solutions

Tuesday August 26, 2025 16:20 - 17:00 CEST

D203

The use of Zephyr in safety-critical domains poses a significant challenge with regard to certification. Since feature development in open-source projects is usually not driven by a centralized requirement specification, V&V become challenging tasks: The lack of a requirement specification makes the subject of validation hard to capture. Verification requires considerable effort for manual test creation. To address these issues, we explore a Model-Based Testing (MBT) approach for Zephyr, which involves the creation of a formal model of the system. Based on this specification, runnable test cases are automatically derived which pass if the actual software implementation aligns with the model. We present our approach of applying MBT to Zephyr's semaphore API, which uses TLA+ and generates runnable ZTest test cases. Given the promising results of our initial exploration, we want to share our ideas with the community to encourage further work in this area. We argue that an integration of MBT into Zephyr’s development cycle results in formal specifications of the system, which, combined with test generation, enable automated conformance testing and facilitate continuous certification.

Speakers

Philipp Panzer

Software Engineer, UL Solutions

Philipp Panzer studied computer science at FAU Erlangen-Nuernberg, with a focus on IT security and system software development. During his studies he worked on cloud-based data-analytics solutions at Siemens Mobility. At the end of his studies, he moved to UL Solutions, where he gained... Read More →

Tuesday August 26, 2025 16:20 - 17:00 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

09:00 CEST

Optimizing Zephyr for Peak Performance - Jacob Beningo, Beningo Embedded Group

Wednesday August 27, 2025 09:00 - 09:40 CEST

D203

The Zephyr Project is a leading open-source RTOS for resource-constrained, real-time applications. Its modularity, vendor neutrality, and rich ecosystem make it a powerful choice for embedded developers. However, achieving peak performance requires a deep understanding of Zephyr’s internals and optimization strategies.

This session explores techniques to optimize Zephyr applications for efficiency, low latency, and real-time predictability. Attendees will learn how scheduling, memory management, and interrupt handling impact performance and how to fine-tune these elements for specific workloads. We’ll cover configuring Zephyr for high-performance execution, reducing runtime overhead, and debugging bottlenecks.

Key topics include:

• Zephyr’s scheduling model and task prioritization

• Optimizing interrupts and reducing latency

• Fine-tuning memory management and resource allocation

• Profiling and debugging performance issues

• Advanced optimizations for power efficiency and I/O

Whether you’re developing for IoT, industrial automation, or real-time control, this session will equip you with practical strategies to maximize Zephyr’s performance and reliability.

Speakers

Jacob Beningo

CEO / Founder, Beningo Embedded Group

Jacob Beningo helps embedded teams modernize software architecture, streamline development, and adopt best practices for high-quality, real-time systems. As founder of Beningo Embedded Group, he provides expert training and guided learning to improve code quality, accelerate development... Read More →

Wednesday August 27, 2025 09:00 - 09:40 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

11:00 CEST

The Security Guardian: Using OpenSearch for Real-Time Threat Detection - Meha Bhalodiya, Red Hat

Wednesday August 27, 2025 11:00 - 11:40 CEST

Emerald Room

Imagine this: your systems are humming along smoothly when, without warning, an unseen adversary slips through the cracks. A small vulnerability leads to a large-scale security breach. Could it have been prevented? Absolutely—with the right tools and strategy.

In this session, I’ll embark on an interactive journey into how OpenSearch becomes the vigilant guardian of your infrastructure. Starting with real-world scenarios, we'll explore how to harness OpenSearch’s powerful features to detect anomalies, correlate logs, and respond to threats in real-time.

You’ll see how simple queries can expose hidden patterns, dashboards can visualize attack vectors, and machine learning models can predict threats before they occur. But it’s not just about the tools—we’ll dive into best practices for deploying OpenSearch in complex environments and ensuring it scales with your security needs.

Join me to learn how OpenSearch transforms security operations, turning chaos into clarity and ensuring you stay one step ahead of cyber threats.

Speakers

Meha Bhalodiya

Software Quality Engineer, Red Hat

A Software Quality Engineer at Red Hat, where I work with the OpenShift Container Platform team.

Wednesday August 27, 2025 11:00 - 11:40 CEST
Emerald Room

Cloud & Containers

Audience Experience Level Any

11:00 CEST

Unified Boot Time Measurement: A Precise, Scalable Framework for Multi-Processor Systems - Vishnu Pratap Singh & Soumya Tripathy, Texas Instruments

Wednesday August 27, 2025 11:00 - 11:40 CEST

Elicium 1

This session introduces a unified boot time measurement framework that overcomes these limitations. Inspired by U-Boot’s bootstage mechanism, it leverages hardware timers to generate synchronized timestamps across heterogeneous subsystems. Instead of relying on fragmented logs, the framework writes boot markers to a reserved DDR memory region, enabling a Linux utility to extract and analyze the complete boot timeline via the devmem interface. This approach ensures end-to-end visibility, enabling developers to pinpoint inefficiencies, optimize boot sequences, and improve system responsiveness.

With the increasing complexity of embedded devices—ranging from IoT and industrial automation to automotive and networking—achieving fast and predictable boot times is more important than ever. This talk provides a vendor-agnostic, software-based approach to measuring and optimizing boot performance, benefiting developers working on custom Linux BSPs, embedded RTOS systems, and real-time applications.

Speakers

Soumya Tripathy

Software Enngineer, Texas Instruments

Working as embedded software engineer at Texas Instruments since 2 years with expertise in bootloader, flash controllers and display. I had previous experience with Robert Bosch for 3 years working in industrial communication and factory automation products.

Vishnu Pratap Singh

Software Engineering Lead, Texas Instruments

Vishnu Pratap Singh is an embedded systems expert and engineering leader with 18+ years of experience in Linux development, BSP, and Linux based product engineering for communication devices, Satellite terminals, smart devices, IoT, and pro-audio. He is currently driving pro-audio... Read More →

Wednesday August 27, 2025 11:00 - 11:40 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Any

11:00 CEST

Modern Application Debugging: An Introduction To OpenTelemetry - Joshua Lee, Altinity

Wednesday August 27, 2025 11:00 - 11:40 CEST

G109

In this talk, Joshua will share his insights and experiences with OpenTelemetry, an open-source project that offers protocols, APIs, and SDKs for collecting metrics, traces, and logs from applications and services. He will cover the comprehensive toolkit provided by the OpenTelemetry community, including language SDKs, the Collector, and the OTLP formats for metrics, traces, and logs.

He will demonstrate how to instrument and monitor a microservices application running on a Kubernetes cluster, utilizing the full potential of OpenTelemetry. Attendees will learn how to use powerful open-source tools like Jaeger and Prometheus to effectively analyze telemetry signals from their applications.

By the end of this session, attendees will have a solid understanding of how to implement OpenTelemetry in their projects, enhancing their debugging and observability practices. Join us as we delve into the world of OpenTelemetry, unlocking the capabilities of this powerful technology for your development needs.

Speakers

Joshua Lee

Developer Advocate, Altinity

Joshua is a seasoned software developer with over a decade of experience, specializing in a broad range of topics including operations, observability, agile methodologies, and accessibility. Currently, Joshua serves as a Developer Advocate for Altinity, where he creates educational... Read More →

Wednesday August 27, 2025 11:00 - 11:40 CEST
G109

Open Source 101

Audience Experience Level Any

11:00 CEST

Europe’s Open Source Motivations and Mandate: Findings From the 2025 World of Open Source Survey - Anna Hermansen, Mirko Boehm, Cailean Osborne & Adrienn Lawson, The Linux Foundation

Wednesday August 27, 2025 11:00 - 11:40 CEST

Auditorium

Each year, LF Research fields a survey in the Linux Foundation community investigating the major open source trends, obstacles, and priorities around the world. These survey findings are key annual markers of progress and opportunity in this area and are crucial for policy, business, non-profit, and academic audiences alike to set their strategy for the coming year. This panel will focus on the findings from Europe, presenting the key findings from the survey. The panelists will discuss the relevance and context of these findings given their work in Europe and focus on priority topics such as AI, security, and the public sector. LF Research panelists will present the most salient quantitative insights and how they relate to other research coming out this year. Mirko Boehm and Cailean Osborne from LF Europe will share qualitative insights from expert interviews in the context of their work in AI and cybersecurity regulation. A community expert will also join the panel to discuss the findings in light of their work in open source in Europe.

Speakers

Cailean Osborne

Senior Researcher, Linux Foundation

Cailean is a Senior Researcher at the Linux Foundation, who has a PhD in Social Data Science from the University of Oxford and 7+ years experience in (open source) AI research, policy, and business development. Previously, Cailean worked as the International Policy Lead at the UK... Read More →

Anna Hermansen

Researcher and Ecosystem Manager, The Linux Foundation

Anna is the Ecosystem Manager for LF Research where she supports end-to-end management of the department's research projects. She has conducted qualitative and systematic review research on the integration of technologies to better support health data sharing. Her interests lie at... Read More →

Mirko Boehm

Community Development, Linux Foundation Europe, The Linux Foundation

Mirko Boehm is a free and open source software contributor, community manager, licensing expert and researcher, with contributions to major open source projects like the KDE Desktop, the Open Invention Network, the Open Source Initiative and others. He is a visiting lecturer and researcher... Read More →

Adrienn Lawson

Director of Quantitative Research, Linux Foundation

ADRIENN LAWSON serves as Director of Quantitative Research at the Linux Foundation, where she leads data-driven initiatives to understand open source ecosystems. With expertise in social data science from the University of Oxford and a background spanning academic and governmental... Read More →

Wednesday August 27, 2025 11:00 - 11:40 CEST
Auditorium

Open Source Leadership

Audience Experience Level Any

11:00 CEST

OSS Documentation Workshop - Erin McKean, Google & Daniel Beck, Independent

Wednesday August 27, 2025 11:00 - 11:40 CEST

G106

Are you an open source maintainer who wants to create better docs for your project? In this talk you'll learn about some new tools for docs maintainers (a Docs Advisor working guide and a set of Docs Archetypes) and some pro tips on how to use them:

* the types of technical documentation and docs projects -- how to decide what is a fit for your organization or project
* how to get basic info about your users and the kinds of documentation they need
* how to determine when a project is a bad fit for your needs
* how to onboard technical writers to your project
* how to choose and measure criteria for the success of your docs project
* how to keep your docs momentum going!

Materials for these new tools are based on the real experiences of the more than 70 projects who have participated in Google Season of Docs, and are currently available at github.com/google/opendocs.

Speakers

Erin McKean

Senior Developer Relations Engineer, Google

Erin McKean is a developer relations engineer in Google's Open Source Programs office. She is also the founder of the not-for-profit Wordnik.com, the world’s biggest online dictionary. In addition to writing code, blog posts, and documentation, she’s also the author of the Weird... Read More →

Daniel Beck

Technical Writer, Self-employed

Daniel is a documentation consultant who helps software engineering teams make tools, processes, and content that reach developer audiences. He's a longtime contributor and maintainer of open source software and documentation, including as a current maintainer of Baseline, a browser... Read More →

Wednesday August 27, 2025 11:00 - 11:40 CEST
G106

Technical Documentation

Audience Experience Level Any

11:00 CEST

Beyond Code: How the LKMP Helped Me Grow as a Developer and Community Member - Luis Felipe Hernandez, Independent

Wednesday August 27, 2025 11:00 - 11:40 CEST

TBA

The Linux Kernel Mentorship Program (LKMP) was more than just a chance to contribute to open source—it was a turning point in my career and technical growth.

Join me as I share how this experience helped me land my current role, give back to the Linux community, and inspired me to take a more active role in my local community—organizing events, mentoring, and sharing knowledge.

Speakers

Luis Felipe Hernandez

Senior Software Engineer, Independent

Luis Felipe Hernandez is a Senior Software Engineer currently residing in Orlando, FL. Outside of work he is a Linux Kernel Mentee and aspiring Open Source developer.

Wednesday August 27, 2025 11:00 - 11:40 CEST
TBA

Wildcard

Audience Experience Level Any

11:55 CEST

When Foundation Models Go Open: Unlocking the Promise From Infrastructure To Impact in Health - Elham Dolatabadi, York University

Wednesday August 27, 2025 11:55 - 12:35 CEST

G109

As foundation models become increasingly central to health applications, the open-source community plays a vital role, not only in democratizing access to data and models, but also in driving safe, reproducible, and equitable innovation. In this talk, I will explore the rapidly growing ecosystem of open-source foundation models, with a particular focus on healthcare, where governance, fairness, and privacy are essential.

I will share lessons learned from our team's experience developing and releasing several open-source resources, including datasets, training pipelines, and evaluation frameworks designed to support advanced AI and multimodal learning in health. These tools enable rapid prototyping, benchmarking, and reproducible experimentation across vision-language and other multimodal health tasks.

This session offers a hands-on perspective for researchers and developers looking to engage with open foundation model efforts. Whether you're releasing models, curating datasets, or contributing to tooling, you'll gain insights into best practices for documentation, data quality assurance, and aligning model development with ethical and privacy principles in health AI.

Speakers

Elham Dolatabadi

Assistant Professor/Scientist, York University

Elham Dolatabadi, PhD, is an Assistant Professor and early-career researcher at York University. She as an emerging leader in machine learning (ML) for health, an affiliated faculty member at the Vector Institute. Her contributions to date have advanced the development of advanced... Read More →

Wednesday August 27, 2025 11:55 - 12:35 CEST
G109

Open Source 101

Audience Experience Level Any

11:55 CEST

Zero Trust Maturity Assessment With OSCAL - Donald Hunter, Red Hat

Wednesday August 27, 2025 11:55 - 12:35 CEST

G104

When implementing Zero Trust there is no one size fits all solution. The complexity of understanding the principles of Zero Trust and mapping them to a given technology stack have inhibited widespread adoption. Reasoning about system properties against any framework or criteria, and the corresponding adoption paths to achieve increasing maturity is always a challenge, especially for organisations relying on open source technologies.

By leveraging the Open Security Controls Assessment Language (OSCAL) controls and processes along with existing Red Hat compliance frameworks we aim to simplify Zero Trust compliance and maturity assessment while signposting the steps to improving Zero Trust maturity.

Attendees will walk away with an understanding of Zero Trust, how automated compliance can benefit their measurement and implementation of Zero Trust objectives, and open source efforts to streamline the assessment process.

Speakers

Donald Hunter

Senior Principal Software Engineer, Red Hat

Donald is the Security team lead in the Office of the CTO at Red Hat where he focuses on emerging technologies in Security. Donald is a veteran in the network industry with over 20 years at Cisco before joining Red Hat. Donald’s recent focus has been on AI trust and security, Zero... Read More →

Wednesday August 27, 2025 11:55 - 12:35 CEST
G104

Operations Management

Audience Experience Level Any

11:55 CEST

AutoSD: A Linux Development and Prototyping Framework for the Automotive Community - Alessandro Carminati & Gabriele Paoloni, Red Hat

Wednesday August 27, 2025 11:55 - 12:35 CEST

D204

In the landscape of automotive software, the need for customizable, reliable, and secure operating systems is a commonly shared need. AutoSD, promoted by the CentOS Automotive Special Interest Group, serves as an upstream distribution for the automotive ecosystem and is also a public preview of the Red Hat's In-Vehicle Operating System.

Built upon CentOS Stream, AutoSD introduces automotive-specific enhancements, including a real-time Linux kernel, OSTree-based immutability, and support for mixed-criticality workloads through containerization. This session provides an introduction to AutoSD, highlighting its architecture, key feature and the contribution/development workflow.

Attendees will learn how to enable new HW SoCs on AutoSD, how to prototype for their specific applications, and the process to propose changes into the AutoSD master branch. The session will also explore how AutoSD can serve as a reference framework for open source communities such as ELISA, Eclipse SDV, and others, fostering collaboration and alignment across the broader automotive software ecosystem.

Speakers

Alessandro Carminati

Principal Software Engineer, Red Hat

As a Linux Kernel Engineer within the RedHat Automotive Team, I specialize in both upstream contributions and downstream efforts, focusing on enhancing Linux kernel functionality for automotive.

Gabriele Paoloni

Sr SW Principal Engineer, Red Hat

Gabriele Paoloni is an Open Source Community Technical Leader at Red Hat.

Wednesday August 27, 2025 11:55 - 12:35 CEST
D204

Safety-critical Software

Audience Experience Level Any

14:10 CEST

Advancing AI Application Development on RISC-V Platforms - Yuning Liang, DeepComputing

Wednesday August 27, 2025 14:10 - 14:50 CEST

Elicium 1

RISC-V has made significant strides as an open instruction set architecture for embedded, edge, and server-class systems. However, enabling modern AI workloads: such as speech-to-text, LLM inference, and multimodal generation on RISC-V remains a major technical challenge, particularly in resource-constrained environments.

In this session, we share our ongoing efforts to enable real-world AI applications on RISC-V platforms based on a 64-bit 8-core RISC-V AI SoC. We explore the porting, optimization, and runtime behavior of popular open-source AI workloads like Whisper, VLC with Speech-to-Text, webLLM, and text-to-image generation, running entirely on RISC-V hardware.

We will also discuss the implications of DSP instruction emulation for RISC-V vector standard RVV 1.0, as well as the use of Vector DSP and Vulkan and OpenCL backends, and how developers can contribute to or replicate these experiments. Our goal is to provide a transparent, reproducible pathway for the open-source community to extend AI capabilities on emerging RISC-V platforms.

Speakers

Yuning Liang

Founder & CEO, DeepComputing

Yuning has a strong background in embedded systems, platform APIs, and AI. He founded Xcalibyte, DeepComputing, and Synergic, and invested in BravoMonster RC Cars. In 2024, he received the "RISC-V Community Contributor Award" and was recognized as an "Ubuntu Summit Contributor." A... Read More →

Wednesday August 27, 2025 14:10 - 14:50 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Any

14:10 CEST

Exploring the Power of eBPF for System Observability - Shaghayegh Tavakoli, IONOS & Zahra Dehghanpour, bol.

Wednesday August 27, 2025 14:10 - 14:50 CEST

G102-103

This talk offers a gentle and practical introduction to eBPF as a powerful framework for Linux and network observability. We’ll walk through real scenarios—like tracing incoming packets, measuring syscall latency, and visualizing kernel behavior using tools like bpftrace and bcc.

While often seen as advanced, eBPF is surprisingly accessible. You don’t need deep kernel knowledge or C programming skills to start using it. Whether you're a developer, sysadmin, or just curious about how Linux works under the hood, this talk shows how eBPF can make observability approachable and even fun.

We'll focus on how eBPF helps answer complex performance and debugging questions in a modern, efficient, and safe way—turning opaque system behavior into actionable insights using just the command line and some well-crafted trace scripts.

Speakers

Zahra Dehghanpour

Platform Engineer, Bol.com

a platform engineer work at bol. with the interests of Linux and Kubernetes

Shaghayegh Tavakoli

Site Reliability Engineer, IONOS

Site Reliability Engineer with 6+ years of experience in scalable infrastructure and Kubernetes automation. Passionate about Linux, networking, and open source. I love exploring system internals, observability tools like eBPF, and building reliable, secure systems using Python, Ansible... Read More →

Wednesday August 27, 2025 14:10 - 14:50 CEST
G102-103

Linux

Audience Experience Level Any

14:10 CEST

Why We Needed an Open Source AI Definition Now - Stefano Maffulli, Open Source Initiative

Wednesday August 27, 2025 14:10 - 14:50 CEST

G109

Why did we need to define Open Source AI, how did the OSI go about it, what conclusions did they reach, what's next, and how is the OSI's Open Source AI definition (OSAID) already helping to combat openwashing?

In this Session, OSI's executive director, Stefano Maffulli will present the process that led to the OSAID, and OSI EU Policy Analyst Jordan Maris will explain how the OSAID is vital to combatting openwashing in Europe and beyond.

Speakers

Stefano Maffulli

Executive Director, Open Source Initiative

Stefano is the Executive Director of the Open Source Initiative, he joined OSI in 2021 after decades of open source advocacy, both as a contributor and leader. He co-founded and led the Italian chapter of Free Software Foundation Europe from 2001 to 2007, structured the developer... Read More →

Wednesday August 27, 2025 14:10 - 14:50 CEST
G109

Open Source 101

Audience Experience Level Any

14:10 CEST

Shifting Safety Techniques To a Statistical World - Imanol Allende, Codethink & Nicholas Mc Guire, OpenTech

Wednesday August 27, 2025 14:10 - 14:50 CEST

D204

The current aim of the industry is to develop and deploy highly complex safety-related systems. However, these systems differ significantly from traditional deterministic ones. Modern systems demand high-performance and security while exhibiting inherent non-determinism, challenging conventional safety approaches.

As safety-related systems evolve toward unprecedented complexity, they increasingly exhibit emergent properties that cannot be adequately captured through Descartes' approach of "dividing each difficulty into as many parts as is feasible and necessary to resolve it". This fundamental shift requires a transition from element-by-element analysis to holistic statistical modeling.

Consequently, we believe the future lies in statistical system analysis. Methods like Probabilistic Worst Case Execution Time and Statistical Path Coverage demonstrate how complex systems can be assured through statistical approaches.

This presentation identifies limitations of traditional techniques, explores opportunities offered by statistical approaches with examples, and analyzes requirements for these methods to be effectively applied in the functional safety domain.

Speakers

Imanol Allende

Software Safety Engineer, Codethink

Imanol Allende received his Ph.D. in computer science from the University of Siegen in 2022. Since 2014, he has been involved in various research projects involving safety-related systems based on Open Source software. He collaborated on the SIL2LinuxMP project, and is currently continuing... Read More →

Nicholas Mc Guire

CEO, OpenTech

After working at the Technical University of Vienna, Nicholas moved towards real-time embedded systems, initially maintaining RTLinux/GPL (2001-2005). Thus, safety related systems were an almost natural next step in 2003. Nicholas main topic is system safety since he founded OpenTech... Read More →

Wednesday August 27, 2025 14:10 - 14:50 CEST
D204

Safety-critical Software

Audience Experience Level Any

14:10 CEST

Run a Documentation Sprint for Your Project - Sarah Corleissen, Isovalent at Cisco

Wednesday August 27, 2025 14:10 - 14:50 CEST

G106

This talk covers how to run a documentation sprint for your project.

Docs sprints improve your project by giving contributors an opportunity to collaborate within a well-defined structure and limited time.

In this talk, we'll cover everything you need to set up a sprint, run it, and build on the results.

This talk is based on real-world experience running docs sprints for open source projects, including Kubernetes.

Speakers

Sarah Corleissen

Head of Documentation, Isovalent at Cisco

Sarah is a former chair of Kubernetes SIG Docs and current contributor to the Cilium project. In addition to contributing to several OSS projects, she has worked on documentation at Isovalent at Cisco, Stripe, and the Linux Foundation, and spoken at conferences including FOSDEM, KubeCon... Read More →

Wednesday August 27, 2025 14:10 - 14:50 CEST
G106

Technical Documentation

Audience Experience Level Any

14:10 CEST

The Native Simulator and Zephyr - Alberto Escolar, Nordic Semiconductor

Wednesday August 27, 2025 14:10 - 14:50 CEST

D203

The native simulator is an evolution of Zephyr's native_posix and the POSIX architecture.

It is a basic part of Zephyr's test and debug infrastructure which allows you to build, run and debug your code directly in your host, instrumenting it however you want.

In this talk we will cover:

* An introduction to the native simulator in Zephyr.

* Why does it exist: What one can do with it, and how we use it in Zephyr.

* The native simulator based targets we have in Zephyr.

* How does it work: A brief description of its architecture and what it supports.

* What the average user needs to know ("I just want to run my tests on it, what are the gotchas").

* What a power user needs to know ("I want to write my own driver to interact with a host peripheral, how?").

Speakers

Alberto Escolar

Principal Engineer, Nordic Semiconductor

Zephyr RTOS Maintainer since 2017, and author of the native simulator, POSIX architecture, and Babblesim.

Wednesday August 27, 2025 14:10 - 14:50 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

15:05 CEST

Why and How We Updated Our License Policy for Use of Open Source - Nico Rikken, Alliander & Jonas van den Bogaard, Alliander N.V.

Wednesday August 27, 2025 15:05 - 15:35 CEST

G107

As open source becomes increasingly important, more organizations are recognizing its value. However, organizations like Alliander, a Dutch Grid Operator, which are not primarily software companies, face unique challenges in its adoption.

One of the first policies we created as an OSPO was the license policy for the use of open source. It quickly became the most viewed page of our OSPO guidance. As our understanding of open source in the enterprise grew, we encountered more licenses and edge cases that needed to be addressed. Consequently, our policy expanded to the point where it became unwieldy for our colleagues to use. We took the time to restructure our license policy to accommodate more situations while making it easier to understand for those new to open source licensing.

In this presentation, we will discuss how the Alliander OSPO developed a licensing policy that evolved in complexity over time. We will cover the issues we needed to address, the process of updating our policy, and the details of the updated policy itself. Our story underscores the value an OSPO can gain from close collaboration with senior developers, software asset management, and the legal department.

Speakers

Nico Rikken

Open Source Advocate, Alliander

Nico Rikken has a track record in maximizing the potential of Free and Open Source Software in the energy sector and in the Netherlands. As Open Source Ambassador at grid operator Alliander he helps make open source project participation successful and ensure control over the company... Read More →

Jonas van den Bogaard

Digital Strategy Lead & Open Source Office Lead, Alliander N.V.

Jonas van den Bogaard is a Digital Strategy Lead at Alliander, a distribution system operator (DSO) in the Netherlands. Alliander provides reliable, affordable, and accessible energy transport and distribution to a large part of the Netherlands. Open source has proved to be an enabler... Read More →

Wednesday August 27, 2025 15:05 - 15:35 CEST
G107

OSPOCon

Audience Experience Level Any

15:05 CEST

NeoNephos' OpenMFP and Platform Mesh: Building Composable Enterprise Architectures - Bastian Echterhölter & Mirza Kopic, SAP SE

Wednesday August 27, 2025 15:05 - 15:45 CEST

Emerald Room

OpenMFP addresses the critical challenge of fragmented user experiences in enterprise environments by establishing a unified architectural framework for micro frontend composition. The platform creates seamless digital UX by standardizing how distributed UI components integrate while preserving team autonomy and eliminating redundancies of core functionalities.

Platform Mesh establishes interoperability between multiple providers by building upon the Kubernetes API and resource model. Developers and admins can discover, access, and order services from various sources through their beloved kubectl.

The architectural implementation leverages a GraphQL layer that orchestrates resources through the Kubernetes Resource Model (KRM), secured by a fine grained authorization approach (ReBAC) with OpenFGA.

These complementary technologies power diverse applications: Internal Developer Platforms, enterprise marketplaces and self-service portals. We'll demonstrate how NeoNephos projects reduce cognitive load, accelerate development, and support European cloud sovereignty. The talk shows how open source solutions are reshaping enterprise platform patterns through composable architecture.

Speakers

Bastian Echterhölter

Principal Software Engineer and Lead Architect, SAP SE

Bastian is a Principal Software Engineer and Lead Architect the OpenMFP NeoNephos project, bringing 18 years of professional experience across consulting and product development. His work centers on cloud native technologies, DevOps practices, and enhancing Developer Experience, with... Read More →

Mirza Kopic

Principal Software Engineer and Lead Architect, SAP SE

Mirza Kopic is a Principal Engineer and Lead Architect with ApeiroRA Platform Mesh project. Previously Mirza has worked in many different roles, including managing global analytics teams, working with Machine Learning teams and leading diverse projects in the that involve kubernetes... Read More →

Wednesday August 27, 2025 15:05 - 15:45 CEST
Emerald Room

Cloud & Containers

Audience Experience Level Any

15:05 CEST

Setting up Real-time Ethernet and TSN With Linux: A 10-step Guide - Jan Altenberg, Open Source Automation Development Lab (OSADL) eG

Wednesday August 27, 2025 15:05 - 15:45 CEST

Elicium 2

The Ethernet real-time evolution, partly driven by TSN standards, may represent an important step for building an open ecosystem for fieldbus communication. With more TSN capable hardware supported by Free and Open Source Software, this ecosystem seems to be almost complete – but still not very much in use. One reason may be the lack of support and the complexity of choosing and configuring the software. This presentation addresses this gap and presents a guide of how to set up real-time Ethernet communication on a Linux system. It includes a list of software components, configuration details of the network devices, routing of critical traffic and timely processing by the Linux kernel.

Speakers

Jan Altenberg

Director, Open Source Automation Development Lab (OSADL) eG

Jan Altenberg has more than 20 years of experience in developing and maintaining Embedded Linux systems. Since October 2021 Jan works as Senior Open Source Consultant and Embedded Systems Integrator at the Open Source Automation Development Lab (OSADL) eG and since 2024, he also serves... Read More →

Wednesday August 27, 2025 15:05 - 15:45 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Any

16:20 CEST

Lightning Talk: How Zephyr Shaped My Journey as a Trainee in Embedded Software Development - Verena Schweinstetter, ZEISS

Wednesday August 27, 2025 16:20 - 16:30 CEST

D202

The community spirit of open-source projects is extraordinarily captivating, and it was this very spirit that I experienced firsthand within my trainee program. During this time, I had the invaluable opportunity to immerse myself in various aspects of the Zephyr Project across different job stations.

In this session, I’ll share my journey of becoming part of the Zephyr Project community, highlighting:

• Navigating the Learning Curve: Insights from porting existing applications to Zephyr.

• Establishing a Repository Structure: Challenges and solutions in organizing code effectively.

• Exploring the Toolchain: Meeting the needs of embedded software development.

• Contributing My First Pull Request: The thrill and lessons from my first pull request.

By the end of this session, you’ll walk away with practical tips to kickstart your own journey with Zephyr and feel inspired by the empowering experience of being part of the Zephyr Project community!

Speakers

Verena Abt

Embedded Developer, Carl Zeiss Meditec AG

Verena is a young professional at Carl Zeiss Meditec AG, where she has been working since April 2025. Prior to that, she successfully completed the ZEISS Global Graduate Program, specializing in embedded software development. During her time in the program, she became deeply involved... Read More →

Wednesday August 27, 2025 16:20 - 16:30 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

16:20 CEST

Software Defined Hardware on Heterogeneous SoCs Using OpenAMP - Peter Fecher, PHYTEC Messtechnik GmbH

Wednesday August 27, 2025 16:20 - 17:00 CEST

Elicium 2

The growing complexity of modern embedded systems requires innovative approaches to make hardware more flexible and efficient to use. A concept for the software-controlled emulation of interfaces using technologies like Bit-banging, NXPs FlexIO or similar will be presented. The presented approach utilizes the integrated coprocessor of a heterogeneous SoC to achieve maximum efficiency and fulfil the corresponding real-time requirements.

With Zephyr RTOS and OpenAMP, seamless inter-processor communication is realized, allowing easy and modular integration into Linux. The prototype developed shows how software-defined approaches can improve flexibility of hardware adaptation in embedded systems.

Speakers

Peter Fecher

Embedded Software Developer, PHYTEC Messtechnik GmbH

Peter Fecher just finished his bachelors degree in Computer Engineering. He has been working at PHYTEC for 3 years now, specialising on microcontrollers and IoT systems.

Wednesday August 27, 2025 16:20 - 17:00 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Any

16:20 CEST

Adding the W3C’s New ARRM To Improve Your Project’s Accessibility - Mike Gifford, CivicActions

Wednesday August 27, 2025 16:20 - 17:00 CEST

G001-002

The W3C recently released a draft of the Accessibility Roles and Responsibilities Mapping (ARRM) framework—a practical tool for open source teams to better define and share accessibility responsibilities across roles. In this session, we’ll explore how ARRM can help open source maintainers, designers, developers, content contributors, and community leaders collaborate more effectively on accessibility goals.

Whether you’re maintaining a solo project or coordinating a large contributor base, ARRM offers a roadmap to embed accessibility into your workflows and culture—without burning out a single “accessibility lead.” Learn how adopting ARRM can help your project move from one-time audits to continuous improvement, and why accessibility is a shared responsibility—not just a technical checklist.

https://www.w3.org/WAI/planning/arrm/

Speakers

Mike Gifford

Open Standards and Practices Lead, CivicActions

Mike Gifford is an open standards and practices lead at CivicActions and a thought leader on digital accessibility in the public sector. He is also a W3C Invited Expert and recognized authoring tool accessibility expert.

Wednesday August 27, 2025 16:20 - 17:00 CEST
G001-002

Equity + Inclusion + Accessibility

Audience Experience Level Any

16:20 CEST

Team Topologies and the Value Paths for OSPOs & ISPOs - Clare Dillon, CURIOSS

Wednesday August 27, 2025 16:20 - 17:00 CEST

G107

In 2019 Matthew Skelton and Manuel Pais’s published Team Topologies, which became a widely influential book in the software and DevOps communities, praised for its practical framework on organizing teams for fast flow and effectiveness. The book defines four fundamental team types (including enabling and platform teams). Team Topologies' popularity drove investment in enabling and platform teams, as organizations attempted to reduce cognitive load and support stream-aligned teams through better internal tooling and collaboration structures. Open Source Program Offices (OSPOs) and InnerSource Program Offices (ISPOs) are organizational units that enable open collaboration practices. In this talk, Clare will use the Team Topologies framework as a lens to understand how these program offices fit into an organization’s structure. This talk will explore how Team Topologies can provide a foundation for crafting a clear and compelling value proposition for OSPOs and ISPOs. It helps translate the often intangible or misunderstood work of these program offices into well-defined roles, interactions, and outcomes that resonate with business, engineering, and leadership audiences.

Speakers

Clare Dillon

CURIOSS Community Lead, CURIOSS

Wednesday August 27, 2025 16:20 - 17:00 CEST
G107

OSPOCon

Audience Experience Level Any

16:20 CEST

User Research in the Open-source Project: The Good Docs Project Case - Lana Novikova, JetBrains

Wednesday August 27, 2025 16:20 - 17:00 CEST

G106

This talk explores how The Good Docs Project integrated user research methodologies into an open-source environment to better understand our users and improve documentation templates and suite we provide. I'll share our journey of creating a UX research kit tailored for open-source projects, conducting user interviews, and analyzing qualitative data - all while navigating the unique challenges of distributed collaboration and volunteer contributors. This case study offers practical insights for other open-source communities looking to implement user-centered design approaches.

Speakers

Lana Novikova

Product manager, JetBrains

Hello there! I’m Lana, a dedicated technical writer, docops enthusiast, and a specialist in knowledge management.

Wednesday August 27, 2025 16:20 - 17:00 CEST
G106

Technical Documentation

Audience Experience Level Any